How to remove Western.Railway.exe
- File Details
- Overview
- Analysis
Western.Railway.exe
The module Western.Railway.exe has been detected as Trojan.CoinMiner
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
823620defec6945669fd86c18ab0e10d |
| Size: |
29 MB |
| First Published: |
2017-10-15 19:10:19 (7 years ago) |
| Latest Published: |
2018-01-12 14:26:41 (7 years ago) |
| Status: |
Trojan.CoinMiner (on last analysis) |
|
| Analysis Date: |
2018-01-12 14:26:41 (7 years ago) |
| %sysdrive%\компьютер\белофф\wpi\install |
| %sysdrive%\проги\белофф\wpi\install |
| Windows 7 |
66.7% |
|
| Windows 10 |
33.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000193af |
| Name |
Size of data |
MD5 |
| .text |
101888 |
c624ae421a6c4f702f7f2c2c23c4aef1 |
| .rdata |
16384 |
746f7c2df0aa9b117542dd3e6429f2f1 |
| .data |
2048 |
07f7ba027ce50640e9ee99eddca1959f |
| .rsrc |
28160 |
634faf22125fbcadce016cd384c5ea38 |
